Configuration problem -- HTML embeded cgi script calls not working [using default MDK/Linux 8.1 (Apache 1.3)]
Hi all, I am a self-taught Linux admin, working hard on patching my knowledge potholes. One of them is Apache/cgi/perl configuration. I am using Mandrake 8.1 on an Intel machine, that comes pre-installed with Apache 1.3. Default configuration file (/etc/httpd/conf/commonhttpd.conf) looks as follows (only the last part that pertains to this issue, I hope :-) ): # This should be changed to whatever you set DocumentRoot to. # Directory /var/www/html # # This may also be None, All, or any combination of Indexes, # Includes, FollowSymLinks, ExecCGI, or MultiViews. # # Note that MultiViews must be named *explicitly* --- Options All # doesn't give it to you. # Options Indexes FollowSymLinks MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be All, or any combination of Options, FileInfo, # AuthConfig, and Limit # AllowOverride All # # Controls who can get stuff from this server. # Order allow,deny Allow from all /Directory Directory /var/www/perl AllowOverride All #Options Indexes FollowSymLinks MultiViews ExecCGI Options FollowSymLinks MultiViews ExecCGI Order allow,deny Allow from all /Directory Directory /var/www/cgi-bin AllowOverride All Options Includes ExecCGI /Directory Directory /var/www/protected-cgi-bin AllowOverride None Options ExecCGI Order deny,allow Deny from all Allow from 127.0.0.1 #allow from .your_domain.com /Directory # # Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. # #Directory /home/*/public_html #AllowOverride FileInfo AuthConfig Limit #Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec #Limit GET POST OPTIONS PROPFIND #Order allow,deny #Allow from all #/Limit #LimitExcept GET POST OPTIONS PROPFIND #Order deny,allow #Deny from all #/LimitExcept #/Directory # These settings are pretty flexible, and allow for Frontpage and XSSI Directory /Users/*/public_html AllowOverride All Options MultiViews Indexes Includes FollowSymLinks Order allow,deny Allow from all /Directory #Directory /Users/*/public_html/cgi-bin #AllowOverride All #Options ExecCGI #SetHandler cgi-script #/Directory IfModule mod_perl.c Directory /Users/*/public_html/cgi-bin SetHandler perl-script PerlHandler Apache::PerlRun Options -Indexes ExecCGI PerlSendHeader On /Directory /IfModule Directory /var/www/icons Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all /Directory Directory /usr/share/doc Options Indexes FollowSymLinks Order deny,allow Deny from all Allow from 127.0.0.1 #allow from .your_domain.com /Directory Location /index.shtml Options +Includes /Location IfModule mod_perl.c PerlModule Apache::Registry #set Apache::Registry Mode for /perl Alias Location /perl/*.pl SetHandler perl-script PerlHandler Apache::Registry Options -Indexes ExecCGI PerlSendHeader On /Location #set Apache::PerlRun Mode for /cgi-perl Alias Location /cgi-perl/*.pl SetHandler perl-script PerlHandler Apache::PerlRun Options -Indexes ExecCGI PerlSendHeader On /Location /IfModule Now, there are several issues that I am trying to figure out: My Cgi dirs (both the system one in /var/www/cgi-bin/ and individual user ones in /home/~username/public_html/cgi-bin/ ) do work if I call a cgi script directly from an url (i.e. http://foo.com/cgi-bin/bar.cgi). The problem is when I want to use a cgi script within an html file, no matter where I store the html file (obviously default preference being in my user's public_html folder), the --#exec ... -- calls, or any other call of such type contained within an Html file, is simply ignored. I tried fiddling with configuration, but am lacking in-depth knowledge of all the different settings (I do understand that I do need to have Options and Includes in the folders where I need to be able to have html files with embeded cgi calls -- please correct me if I am wrong). Also, I am not quite sure what is the difference between, for instance +Includes -Includes, and just simply Includes (my understanding from all of the doc searching is that the first two add/subtract from the default settings possibly stored in the folder's .htaccess, while the third one explicitly adds this functionality?). Searching over the net for the solution has resulted in a frustratingly wasted weekend. So, I am hoping that someone would be kind enough to help me figure this issue out. Even the calls like: !--#echo var=DATE_LOCAL -- (not sure if this still falls into the mod_perl category tho) and !--#exec cmd=/usr/ucb/finger $REMOTE_USER@$REMOTE_HOST-- (yet another copy/paste thing that I put into my html file to
Re: Configuration problem -- HTML embeded cgi script calls not working [using default MDK/Linux 8.1 (Apache 1.3)]
http://httpd.apache.org/docs/howto/ssi.html#configuringyourservertopermitssi for more information than I'm writing out... You need to have (somewhere in the main configuration section) the following: # # To use server-parsed HTML files # AddType text/html .shtml AddHandler server-parsed .shtml Then make the suffix of your files .shtml. You can do: AddType text/html .shtml AddHandler server-parsed .shtml .html .htm to make all of your files be server-parsed. This can be a huge slowdown if your site gets many hits. You can take out the Location /index.shtml altogether. Also, in your /cgi-bin alias, don't do Options ExecCGI even though that probably works fine. You might be better off with the following: # # ScriptAlias: This controls which directories contain server scripts. # ScriptAliases are essentially the same as Aliases, except that # documents in the realname directory are treated as applications and # run by the server when requested rather than as documents sent to the client. # The same rules about trailing / apply to ScriptAlias directives as to # Alias. # ScriptAlias /cgi-bin/ /var/www/cgi-bin/ Directory /var/www/cgi-bin AllowOverride None Options None Order allow,deny Allow from all /Directory One of the bad things about having a regular Directory setting without the ScriptAlias, and just turning on Options ExecCGI is that the directory will be browseable by default. Meaning that I could just go to http://yourserver/cgi-bin and view all the CGI's in your directory, and maybe (too tired to test) view their contents. Make sure you put always put an ending / on your script alias definition. -- Ryan - Original Message - From: Ivica Bukvic [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, February 18, 2002 1:46 AM Subject: Configuration problem -- HTML embeded cgi script calls not working [using default MDK/Linux 8.1 (Apache 1.3)] Hi all, I am a self-taught Linux admin, working hard on patching my knowledge potholes. One of them is Apache/cgi/perl configuration. I am using Mandrake 8.1 on an Intel machine, that comes pre-installed with Apache 1.3. Default configuration file (/etc/httpd/conf/commonhttpd.conf) looks as follows (only the last part that pertains to this issue, I hope :-) ): # This should be changed to whatever you set DocumentRoot to. # Directory /var/www/html # # This may also be None, All, or any combination of Indexes, # Includes, FollowSymLinks, ExecCGI, or MultiViews. # # Note that MultiViews must be named *explicitly* --- Options All # doesn't give it to you. # Options Indexes FollowSymLinks MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be All, or any combination of Options, FileInfo, # AuthConfig, and Limit # AllowOverride All # # Controls who can get stuff from this server. # Order allow,deny Allow from all /Directory Directory /var/www/perl AllowOverride All #Options Indexes FollowSymLinks MultiViews ExecCGI Options FollowSymLinks MultiViews ExecCGI Order allow,deny Allow from all /Directory Directory /var/www/cgi-bin AllowOverride All Options Includes ExecCGI /Directory Directory /var/www/protected-cgi-bin AllowOverride None Options ExecCGI Order deny,allow Deny from all Allow from 127.0.0.1 #allow from .your_domain.com /Directory # # Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. # #Directory /home/*/public_html #AllowOverride FileInfo AuthConfig Limit #Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec #Limit GET POST OPTIONS PROPFIND #Order allow,deny #Allow from all #/Limit #LimitExcept GET POST OPTIONS PROPFIND #Order deny,allow #Deny from all #/LimitExcept #/Directory # These settings are pretty flexible, and allow for Frontpage and XSSI Directory /Users/*/public_html AllowOverride All Options MultiViews Indexes Includes FollowSymLinks Order allow,deny Allow from all /Directory #Directory /Users/*/public_html/cgi-bin #AllowOverride All #Options ExecCGI #SetHandler cgi-script #/Directory IfModule mod_perl.c Directory /Users/*/public_html/cgi-bin SetHandler perl-script PerlHandler Apache::PerlRun Options -Indexes ExecCGI PerlSendHeader On /Directory /IfModule Directory /var/www/icons Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all /Directory Directory /usr/share/doc Options Indexes FollowSymLinks Order deny,allow Deny from all Allow from 127.0.0.1 #allow from .your_domain.com /Directory Location /index.shtml Options +Includes /Location IfModule
Re: Configuration problem -- HTML embeded cgi script calls not working [using default MDK/Linux 8.1 (Apache 1.3)]
Oh yeah: To make your scripts output more sensible information to the screen/error logs you can put the following use statement at the top of the CGI: #!perl -w use strict; use CGI::Carp qw(fatalsToBrowser); CGI::Carp will make sure that actual Perl errors go to your browser and error log. Also, try running your scripts from the command line as such perl -c script.cgi before trying to actually run them. The -c option tells Perl to compile without actually running. It can save you alot of time. If you've downloaded the scripts from some online Perl-CGI repository than use strict; will most-likely break the script, and -w will most likely fill your logs with crap you're not looking to find. But they can help out alot if you're looking to write clean scripts. Basically if you're sure that you're sending the appropriate headers (Content-type: text/html\n\n) before you print to STDOUT, then your script is probably dying prematurely without spitting out any content at all. Hopefully perl -c script.cgi will tell you why. If not then you may want to resort to putting * print STDERR Reached line: ,__LINE__,\n; * at strategic areas in your script so you know how far it's getting in execution before it's untimely demise. -- Ryan - Original Message - From: Ryan Parr [EMAIL PROTECTED] To: Ivica Bukvic [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, February 18, 2002 3:18 AM Subject: Re: Configuration problem -- HTML embeded cgi script calls not working [using default MDK/Linux 8.1 (Apache 1.3)] http://httpd.apache.org/docs/howto/ssi.html#configuringyourservertopermitssi for more information than I'm writing out... You need to have (somewhere in the main configuration section) the following: # # To use server-parsed HTML files # AddType text/html .shtml AddHandler server-parsed .shtml Then make the suffix of your files .shtml. You can do: AddType text/html .shtml AddHandler server-parsed .shtml .html .htm to make all of your files be server-parsed. This can be a huge slowdown if your site gets many hits. You can take out the Location /index.shtml altogether. Also, in your /cgi-bin alias, don't do Options ExecCGI even though that probably works fine. You might be better off with the following: # # ScriptAlias: This controls which directories contain server scripts. # ScriptAliases are essentially the same as Aliases, except that # documents in the realname directory are treated as applications and # run by the server when requested rather than as documents sent to the client. # The same rules about trailing / apply to ScriptAlias directives as to # Alias. # ScriptAlias /cgi-bin/ /var/www/cgi-bin/ Directory /var/www/cgi-bin AllowOverride None Options None Order allow,deny Allow from all /Directory One of the bad things about having a regular Directory setting without the ScriptAlias, and just turning on Options ExecCGI is that the directory will be browseable by default. Meaning that I could just go to http://yourserver/cgi-bin and view all the CGI's in your directory, and maybe (too tired to test) view their contents. Make sure you put always put an ending / on your script alias definition. -- Ryan - Original Message - From: Ivica Bukvic [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, February 18, 2002 1:46 AM Subject: Configuration problem -- HTML embeded cgi script calls not working [using default MDK/Linux 8.1 (Apache 1.3)] Hi all, I am a self-taught Linux admin, working hard on patching my knowledge potholes. One of them is Apache/cgi/perl configuration. I am using Mandrake 8.1 on an Intel machine, that comes pre-installed with Apache 1.3. Default configuration file (/etc/httpd/conf/commonhttpd.conf) looks as follows (only the last part that pertains to this issue, I hope :-) ): # This should be changed to whatever you set DocumentRoot to. # Directory /var/www/html # # This may also be None, All, or any combination of Indexes, # Includes, FollowSymLinks, ExecCGI, or MultiViews. # # Note that MultiViews must be named *explicitly* --- Options All # doesn't give it to you. # Options Indexes FollowSymLinks MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be All, or any combination of Options, FileInfo, # AuthConfig, and Limit # AllowOverride All # # Controls who can get stuff from this server. # Order allow,deny Allow from all /Directory Directory /var/www/perl AllowOverride All #Options Indexes FollowSymLinks MultiViews ExecCGI Options FollowSymLinks MultiViews ExecCGI Order allow,deny Allow from all /Directory Directory /var/www/cgi-bin AllowOverride All Options Includes ExecCGI /Directory Directory /var/www/protected-cgi
